Frameworks

StateRAMP Requirements for Vulnerability Scanning

Nov 3, 2022 Continuum GRC 0 Comment

GRC compliance image - Continuum GRC solutions for cyber security and audit AI-powered cybersecurity 2025 zero trust ransomware protection supply chain security regulatory compliance operational resilience

Ongoing maintenance and upkeep are a cornerstone of all cybersecurity regulations and frameworks. And for a good reason. The rapidly changing threat landscape that businesses and government agencies face daily necessitates an ever-vigilant approach to cybersecurity. Vulnerability scanning is an important part of compliance and security across almost every data-driven industry. Here, we’re discussing what StateRAMP has to say about vulnerability scanning, including frequency, reporting, and remediation requirements.

ISO 17065 and the Standard for Certification Bodies

Oct 26, 2022 Continuum GRC 0 Comment

There is no substitute for a competent and impartial auditor in terms of compliance, security, and correct operations. Organizations that can assess and certify technologies and organizations are essential for ensuring accountability and standards of excellence in place, applying to systems that store sensitive data. To modify a common saying, “who watches the auditors?” That’s where ISO 10765 comes in.

This article will cover this ISO document and what it means for assessors and auditors in any industry.

StateRAMP and Monitoring: Breaking Down the StateRAMP Continuous Monitoring Process

Oct 19, 2022 Continuum GRC 0 Comment

StateRAMP takes several of its requirements from FedRAMP, and perhaps one of the most important requirements is continuous monitoring. Continuous monitoring ensures that systems that earned StateRAMP Authorization remain in compliance year after year, avoiding gaps in security and protecting the interest of state and local governments.